Getting Started with the Fitbit APIs
Creating a Fitbit Developer Account
To use the Fitbit APIs, you need to have a Fitbit developer account. To create a developer account,
- Go to https://accounts.fitbit.com/signup to register for a fitbit.com account. The email address must be valid to complete the verification process. An existing fitbit.com account can be used.
- A verification email will be sent to the user requesting a response.
Once the email address is verified, the user will be able to access https://dev.fitbit.com/apps to register new applications used to query the Web APIs.
To change the registered email address of the Fitbit developer account, please contact Fitbit Web API support for assistance.
TIP: For larger organizations, we recommend the developer account email address be a distribution list. Distribution lists are easier to manage ownership as people migrate throughout the company.
Registering an Application
An application must be registered within the developer account prior to calling the Fitbit Web APIs for the first time. Each registered application is provided with a client ID and secret. These client credentials will need to be referenced by the application during user authorization.
Steps to register your application with Fitbit
- Go to https://dev.fitbit.com/apps
- In the upper right hand corner, click the link "Register a new application"
- Go to https://dev.fitbit.com
- In the upper right hand corner, click on Manage -> Register an App
Fill out the following fields:
|Application Name||required||The name of your application.|
|Description||required||Describe what your application does.|
|Application Website||required||The URL that points to your application website or download page.
This URL is presented to the user during consent.
|Organization||required||The name of your company or organization.|
|Organization Website||required||Your company or organization website URL.|
|Terms of Service URL||required||The link to your Terms of Service document related to this application. It will be presented to the user during consent.|
|OAuth 2.0 Application Type||required||Supported: Server | Client | Personal
See Application Types
|Callback URL||required||A link sending the onboarding user back to your application. The URL must be absolute. See Redirect URL.|
|Default Access Type||required||Supported: Read-only | Read & Write
See Access Types
|Add a Subscriber||optional / recommended||This is required if you want to received webhook / push notifications for updates to user data. Not required for registering an application. See Subscriptions|
NOTE: All URLs must use https.
When registering your application, select the appropriate “OAuth 2.0 Application Type”. See Authorization to determine the recommended OAuth 2.0 authorization flow that should be used for your application type.
- “Server” (recommended) applications are usually multi-tier and have a server component to the architecture. They provide server-side authentication where the application and server communicate via a web service.
- “Client” applications are usually single-tier and do not have a server component to the architecture. These applications allow for client-side authentication.
- “Personal” applications can only access data in the developer account. They automatically receive access to intraday time series data that otherwise requires Fitbit approval. They can be created using a client or server architecture.
Applications operate in a read-only or read & write manner. This is an application-level setting and applies to all scopes. This is configured in the application settings at https://dev.fitbit.com/apps.
Only configure "Read & Write" access if you're sending data to Fitbit.
WARNING: Changing the access type settings will immediately invalidate all existing access tokens.
Registration Page Example
All registered applications will appear under the developer’s account at https://dev.fitbit.com/apps. Selecting one of the applications will display a summary of the application settings (see image).
Application Settings Example